Here is my config for SPF:
accept
condition = ${if eq {$sender_address}{}{yes}{no}}
add_header = X-SPF-Signature: none (Blank sender)
set acl_m1 = 2
set acl_m2 = =E2=9E=96 SPF-signatur saknas
deny
message = 5.7.23 SPF fail (phishing) -
(${sg{${sg{$spf_smtp_comment}{http\:\/\/www\.open-spf\.org\/Why}{https:\/\/w
ww.sebbe.eu\/spf.cgi}}}{&receiver=sebbe\.eu}{}})
log_message = SPF check failed: ($spf_header_comment)
spf = fail : softfail
warn
set acl_m1 = 4
warn
spf = pass
add_header = X-SPF-Signature: $spf_result ($spf_header_comment)
set acl_m1 = 3
set acl_m2 = =E2=9C=94=EF=B8=8F SPF-signaturen =C3=A4r giltig
warn
spf = none : neutral
add_header = X-SPF-Signature: $spf_result ($spf_header_comment)
set acl_m1 = 2
set acl_m2 = =E2=9E=96 SPF-signatur saknas
warn
spf = permerror : temperror
log_message = SPF failure: $spf_header_comment
add_header = X-SPF-Signature: $spf_result ($spf_header_comment)
set acl_m1 = 1
set acl_m2 = =E2=9A=A0=EF=B8=8F Trasig SPF-signatur
warn
condition = ${if eq{$acl_m1}{4}{yes}{no}}
add_header = X-SPF-Signature: permerror (No SPF lookup was made due to
technical error)
set acl_m1 = 1
set acl_m2 = =E2=9A=A0=EF=B8=8F Trasig SPF-signatur
acceptAnd the SPF check ends up in " X-SPF-Signature: permerror (No SPF lookup was made due to technical error)" meaning that the execution isn't aborted earlier. -----Ursprungligt meddelande----- Från: Cyborg via Exim-users <[email protected]> Skickat: den 17 september 2020 10:30 Till: [email protected] Ämne: Re: [exim] What causes Exim to just silently skip SPF checking? Am 17.09.20 um 05:54 schrieb Sebastian Nielsen via Exim-users: > What causes Exim to just silently skip SPF checking? > A logic error :) > > > It has started just skipping SPF checking silently, resulting in no > SPF header at all. And no, there is no ACL that is tripping before the > SPF check, because I have done a "catch-all" ACL which inserts a > header after all the SPF checks. > > So what can it be? > You could start with supplying your acl where the SPF check is done. Normally it should be in ... acl_check_rcpt: ... a lot of other rules ... <= there will be an "accept" and the email triggered it. # ADD SPF HERE # Use "spfquery" to obtain SPF status for this particular sender/host. # If the return code of that command is 1, this is an unauthorized sender. # deny message = [SPF] $sender_host_address is not allowed to send mail from $sender_address_domain. log_message = SPF check failed for $sender_address from $sender_host_address etc.. etc.. ... a few more other rules ... best regards, Marius -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
smime.p7s
Description: S/MIME Cryptographic Signature
-- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
